Prosecution Insights
Last updated: July 17, 2026
Application No. 18/978,636

OPTIMIZING COMPUTATIONAL STORAGE USE FOR THREAT DETECTION

Final Rejection §103
Filed
Dec 12, 2024
Examiner
SRIRAM, ADITYA
Art Unit
2491
Tech Center
2400 — Computer Networks
Assignee
International Business Machines Corporation
OA Round
2 (Final)
71%
Grant Probability
Favorable
3-4
OA Rounds
1y 4m
Est. Remaining
98%
With Interview

Examiner Intelligence

Grants 71% — above average
71%
Career Allowance Rate
29 granted / 41 resolved
+12.7% vs TC avg
Strong +27% interview lift
Without
With
+27.1%
Interview Lift
resolved cases with interview
Typical timeline
2y 11m
Avg Prosecution
11 currently pending
Career history
56
Total Applications
across all art units

Statute-Specific Performance

§101
1.3%
-38.7% vs TC avg
§103
92.3%
+52.3% vs TC avg
§102
4.5%
-35.5% vs TC avg
§112
1.9%
-38.1% vs TC avg
Black line = Tech Center average estimate • Based on career data from 41 resolved cases

Office Action

§103
DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Response to Amendment Applicant’s amendment, filed 06/09/2026, has been entered and fully considered. In light of Applicant’s amendment, the objection to Fig. 4 of the drawings has been withdrawn. In light of Applicant’s amendment, the objection to claims 7, 10, 16 has been withdrawn. Response to Arguments Applicant’s arguments, see pages 9-12, with respect to the rejection of claims 1-20 under 35 U.S.C. 101 have been fully considered and are persuasive. The rejection of claims 1-20 under 35 U.S.C. 101 has been withdrawn. Applicant’s arguments, see pages 12-15, with respect to the rejection of claims 1-20 under 35 U.S.C. 103 have been fully considered but are not persuasive. Applicant argues that the processing in Manuguri is performed using host-based computational resources like a CPU and therefore, this does not teach the claimed “a second computing storage device” because a computational resource like a CPU is not a computing storage device. However, under a broadest reasonable interpretation (BRI), words of the claim must be given their plain meaning, unless such meaning is inconsistent with the specification. See MPEP 2111.01(I). Thus, the claimed “computing storage device” is being interpreted as encompassing a device that has storage and performs computations, which corresponds to a generic hardware computer including memory. The DPI processing system of Manuguri does include “memory 510 may be used for storing data, metadata, and programs for execution by the microprocessor(s) 505” (Manuguri: paragraph [0038]). Therefore, the DPI module 340 of Manuguri is a device that stores data and performs computations of DPI inspection. Hence, the DPI module 340 teaches the claimed “computing storage device”. It appears Applicant is arguing that the claimed “second computing storage device” should be interpreted as “perform[ing] computation within the storage hardware” (See Applicant Remarks page 14, line 6). However, it is improper to import claim limitations from the specification that are not part of the claim. See MPEP 2111.01(II). The instant specification, filed 12/12/2024, discloses some embodiments of a second computing storage device in paragraphs [0002]-[0004] in the Brief Summary and discloses “a second computing storage device configured to perform threat detection” in paragraph [0016]. There is no further disclosure of a computing storage device in the specification. Instead, the specification does disclose that “computational storage is a technology where storage devices have additional compute capabilities associated with them”. The claim recites a computing storage device, not a computational storage device. Therefore, it is improper to interpret a computing storage device as limited to only devices that “perform computation within the storage hardware” because 1) the plain meaning of the term “computing storage device” is not limited to this embodiment and 2) this plain meaning is consistent with the specification because the specification does not disclose any particular storage structure or processor features of a “computing storage device”. Applicant further argues that forwarding packet data for inspection in Manuguri does not teach the claimed “forwarding a workload of a storage volume” because packet flows do not teach storage workloads. However, under a broadest reasonable interpretation (BRI), words of the claim must be given their plain meaning, unless such meaning is inconsistent with the specification. See MPEP 2111.01(I). The plain meaning of a workload is a computational task and the instant specification discloses “detect[ing] anomalies in workloads and indicate compromised data in a cyber-attack” in paragraph [0010]. Therefore, it is proper to interpret the claimed workload as encompassing a computational task, and the forwarding of packet data for inspection in Manuguri teaches the “forwarding a workload” limitation. Applicant further argues that Watson does not teach or suggest forwarding a workload of a storage volume to another system for the purpose of threat detection. However, Watson does teach forwarding a computational task of analyzing packets to another network monitoring device (Watson: paragraph [0036], “The NPB 116 may forward captured packets to the FPC device 120, which stores the captured packets in the primary storage 104. The NPB 116 may also forward one or more of the captured packets to one or more network monitoring devices 118”) for identifying security threats (Watson: paragraph [0012], “Computer network management may include monitoring and capturing packets sent over the network to identify security threats”). Applicant further argues that Watson does not teach or suggest performing threat detection within a computing storage device. however, as explained earlier in this Office Action, “computing storage device” is being interpreted as encompassing a device that has storage and performs computations, which corresponds to a generic hardware computer including memory. Watson teaches that the computer system of FIG. 4 may be used to implement the embodiments disclosed (Watson: paragraph [0066]) and that a computer system 400 includes a processor 404 and main memory 408 (Watson: FIG. 4). Therefore, Watson does teach performing network monitoring on a network monitoring device, including a processor and memory. Hence, Watson does teach or suggest performing threat detection within a computing storage device. Applicant further argues that Manuguri and Watson operate in different domains and neither address storage system workloads nor threat detection. Applicant states that Manuguri is directed to network packet inspection. However, Watson is also directed to network packet inspection (Watson: paragraph [0012], “Computer network management may include monitoring and capturing packets sent over the network to identify security threats”). Watson also teaches forwarding a computational task of analyzing packets to another network monitoring device (Watson: paragraph [0036], “The NPB 116 may forward captured packets to the FPC device 120, which stores the captured packets in the primary storage 104. The NPB 116 may also forward one or more of the captured packets to one or more network monitoring devices 118”). Therefore, Manuguri and Watson, in combination, do operate in the same field of endeavor and teach storage system workloads and threat detection. Claim Analysis - 35 USC § 101 Regarding claims 10-20, the Examiner finds that the claim term “computer readable storage medium” is directed towards statutory subject matter. In particular, the Specification filed 12/12/2024 explicitly defines computer readable storage media to exclude transitory media in paragraph [0041]. Thus, the claimed “computer readable storage media” is limited to statutory forms of non-transitory hardware media, as it does not include transitory media. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows: 1. Determining the scope and contents of the prior art. 2. Ascertaining the differences between the prior art and the claims at issue. 3. Resolving the level of ordinary skill in the pertinent art. 4. Considering objective evidence present in the application indicating obviousness or nonobviousness. Claim(s) 1-3, 6, 9-12, 15, 18-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Manuguri et al. (USP App Pub 2014/0226478; hereinafter Manuguri) in view of Watson et al. (USP App Pub 2021/0385138; hereinafter Watson). Regarding claim 1, A method (Manuguri: paragraph [0013], “method 100 of deep packet inspection”; paragraph [0002], “Deep packet inspection (DPI)”) comprising: identifying a storage … (Manuguri: paragraph [0013], “At block 105, an embodiment receives one or more packets of a flow of packets”) associated with a first system (Manuguri: claim 1, “receiving, by an inspection module running within a kernel layer of a first host computer, one or more packets of a flow of packets from a source to a destination”; FIG. 3, host 305 on the left); forwarding a workload (Manuguri: paragraph [0021], “the task of performing the inspection may be delegated to one or more devices with computational bandwidth within a cluster of devices”) of the storage … to a second system (Manuguri: claim 4, “transmitting a copy of the one or more packets to the second host computer”) via a network (Manuguri: paragraph [0027], “The packets are transmitted to the selected host 305 over the DPI tunnel 330”), wherein the second system includes a second computing storage device (Manuguri: FIG. 3, host 305 on the right includes a DPI module 340) configured to perform threat detection (Manuguri: paragraph [0027], “the DPI module 340 selects another host to perform DPI on copied packets”; paragraph [0025], “the DPI module 340 triggering a policy response (e.g., … determining that copied packets match a policy)”; paragraph [0019], “inspection of the packets may reveal that the packets include data from a prohibited uniform resource locator (URL) and the packet stream is reset/dropped as a part of a triggered policy response” i.e., DPI module 340 performs deep packet inspection); receiving, from the second computing storage device of the second system, an alert (Manuguri: claim 4, “receiving, from the second host computer, a result of the comparison of the content of the one or more packets to the policy”) of a threat detected in the workload of the storage (Manuguri: paragraph [0021], “receiving the result of the inspection from the selected device”; paragraph [0019], “inspection of the packets may reveal that the packets include data from a prohibited uniform resource locator (URL) and the packet stream is reset/dropped as a part of a triggered policy response”) …; and isolating the workload of the storage (Manuguri: paragraph [0019], “the policy response includes taking an action that has an impact on the packet flow, such as resetting the packet flow, dropping packets from the packet flow, redirecting the packet flow”; claim 3, “the policy response includes diverting the flow of packets to a different destination”) … on the first system (Manuguri: claim 1, “the policy response has an impact on the flow of packets to or from the first virtual machine”). Manuguri does not teach …storage volume… storage volume… storage volume …storage volume… However, in the same field of endeavor, Watson does teach …storage volume … storage volume… storage volume …storage volume (Watson: paragraph [0031], “store captured packets, including header data and payload data, in the primary storage 104”; paragraph [0040], “packet capture manager 102 may detect the suspicious traffic pattern in the captured packets stored in the primary storage 104 and identify the captured data flows including the packets associated with the suspicious traffic pattern as data flows of interest”; paragraph [0033], “The primary storage 104 may include local on-premise storage, cloud-based storage or any computer readable storage device or storage service”; paragraph [0036], “The NPB 116 may forward captured packets to the FPC device 120, which stores the captured packets in the primary storage 104. The NPB 116 may also forward one or more of the captured packets to one or more network monitoring devices 118”)… It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the deep packet inspection system of Manuguri to incorporate the teachings of Watson to use storage to store packets for analysis. The motivation for doing so is to store packets while the packets are being analyzed (Watson: paragraph [0036], “The NPB 116 may forward captured packets to the FPC device 120, which stores the captured packets in the primary storage 104. The NPB 116 may also forward one or more of the captured packets to one or more network monitoring devices 118”). Regarding claim 2, Manuguri and Watson teach the method of claim 1, further comprising: distributing a plurality of volumes (Watson: paragraph [0031], “store captured packets, including header data and payload data, in the primary storage 104”) across the first system (Manuguri: claim 1, “receiving, by an inspection module running within a kernel layer of a first host computer, one or more packets of a flow of packets from a source to a destination”) and the second system (Manuguri: claim 4, “transmitting a copy of the one or more packets to the second host computer”) using a bitmapping technique (Manuguri: paragraph [0034], “the DPI module 340 selects an available host 305 based upon the availability data and/or a load-balancing algorithm”; paragraph [0027], “Hosts 305 may be selected based upon the availability data and/or according to one or more load-balancing algorithms, such as round robin”; Applicant specification filed 12/12/2024, “a bitmapping technique, e.g., round robin” i.e., Applicant discloses that ‘bitmapping’ encompasses round robin). Regarding claim 3, Manuguri and Watson teach the method of claim 1, wherein the workload (Manuguri: paragraph [0021], “the task of performing the inspection may be delegated to one or more devices with computational bandwidth within a cluster of devices”) is assigned to a threat detection tier on the second system (Manuguri: paragraph [0021], “receiving the result of the inspection from the selected device”; paragraph [0019], “inspection of the packets may reveal that the packets include data from a prohibited uniform resource locator (URL) and the packet stream is reset/dropped as a part of a triggered policy response”). Regarding claim 6, Manuguri and Watson teach the method of claim 1, further comprising one or both of the following in response to the alert (Manuguri: claim 4, “receiving, from the second host computer, a result of the comparison of the content of the one or more packets to the policy”): sending the alert from the second system to the first system; or subjecting data affected by the threat (Manuguri: paragraph [0025], “the DPI module 340 triggering a policy response (e.g., … determining that copied packets match a policy)”) to policy-based handling (Manuguri: paragraph [0019], “If a policy response is triggered, at block 125, an embodiment performs said policy response with respect to the flow of packets”). Regarding claim 9, Manuguri and Watson teach the method of claim 6, wherein the policy-based handling of the affected data (Manuguri: paragraph [0019], “If a policy response is triggered, at block 125, an embodiment performs said policy response with respect to the flow of packets”) comprises one or more of the following: isolating the data (Manuguri: paragraph [0019], “the policy response includes taking an action that has an impact on the packet flow, such as resetting the packet flow, dropping packets from the packet flow, redirecting the packet flow”; claim 3, “the policy response includes diverting the flow of packets to a different destination”); or stopping replication on the data; or flagging a source of the data. The motivation to combine references for the claims listed above is the same as the motivation stated in claim 1. Re. claims 10-12, 15, 18, they recite analogous limitations as claims 1-3, 6-9, respectively, and therefore are rejected for the same reasons. Re. claims 19-20, they recite analogous limitations as claims 1-2, respectively, and therefore are rejected for the same reasons. Claim(s) 4-5, 13-14 is/are rejected under 35 U.S.C. 103 as being unpatentable over Manuguri in view of Watson in further view of Gula et al. (US Pat No 7,926,113) Regarding claim 4, Manuguri and Watson teach the method of claim 1, wherein the workload (Manuguri: paragraph [0021], “the task of performing the inspection may be delegated to one or more devices with computational bandwidth within a cluster of devices”)… Manuguri and Watson do not teach … is a high-priority workload. However, in the same field of endeavor, Gula does teach … is a high-priority workload (Gula: col 12, line 57, “The Analyze Events tool also identifies high priority IDS events”). It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the network inspector of Manuguri and Watson to incorporate the teachings of Gula to identify high priority events. The motivation for doing so is to correlate attacks with actual vulnerabilities on the host (Gula: col 8, lines 28-33, “Lightning Console 810 may correlate the intrusion events detected by IDS sensors 820 and 822 with the known vulnerabilities of the system mapped during scanning operations. In this manner, the Lightning Console may correlate attacks which target network hosts or devices with the actual vulnerabilities on that host or device to define a high priority event”). Regarding claim 5, Manuguri, Watson and Gula teach the method of claim 4, wherein the workload is identified as high-priority (Gula: col 12, line 57, “The Analyze Events tool also identifies high priority IDS events”) based on one or more of the following: user actions (Gula: col 12, lines 58-60, “the Analyze Events tool allows a user to define a high priority event as any IDS event which targets a system that is vulnerable to the attack”); or monitoring a number of Input/Outputs received on a volume; or monitoring a number of write Input/Outputs received on a volume; or monitoring a number of read Input/Outputs received on a volume; or a volume migration map produced using a tiering mechanism. The motivation to combine references for the claims listed above is the same as the motivation stated in claim 4. Re. claims 13-14, they recite analogous limitations as claims 4-5, respectively, and therefore are rejected for the same reasons. Claim(s) 7-8, 16-17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Manuguri in view of Watson in further view of Buytenhek et al. (USP App Pub 2020/0059514; hereinafter Buytenhek). Regarding claim 7, Manuguri and Watson do no teach the method of claim 1, wherein the first system includes a first computing storage device (Manuguri: FIG. 3, host 305 on the left includes a DPI module 340) configured to perform threat detection (Manuguri: paragraph [0025], “the DPI module 340 triggering a policy response (e.g., … determining that copied packets match a policy)”; paragraph [0019], “inspection of the packets may reveal that the packets include data from a prohibited uniform resource locator (URL) and the packet stream is reset/dropped as a part of a triggered policy response” i.e., DPI module 340 performs deep packet inspection), the method further comprising: replicating the storage volume (Watson: paragraph [0031], “store captured packets, including header data and payload data, in the primary storage 104”) of the first system at the second system (Manuguri: paragraph [0021], “the task of performing the inspection may be delegated to one or more devices with computational bandwidth within a cluster of devices”) as a replicated storage volume (Manuguri: claim 4, “transmitting a copy of the one or more packets to the second host computer” i.e., transmitting a copy is replication; Watson: paragraph [0031], “store captured packets, including header data and payload data, in the primary storage 104”); and … threat detection (Manuguri: paragraph [0021], “receiving the result of the inspection from the selected device”; paragraph [0019], “inspection of the packets may reveal that the packets include data from a prohibited uniform resource locator (URL) and the packet stream is reset/dropped as a part of a triggered policy response”; Watson: paragraph [0040], “packet capture manager 102 may detect the suspicious traffic pattern in the captured packets stored in the primary storage 104 and identify the captured data flows including the packets associated with the suspicious traffic pattern as data flows of interest”) of the storage volume (Watson: paragraph [0031], “store captured packets, including header data and payload data, in the primary storage 104”) … wherein the alert (Manuguri: claim 4, “receiving, from the second host computer, a result of the comparison of the content of the one or more packets to the policy”) represents a threat detected in the replicated storage volume by the second computing storage device (Manuguri: paragraph [0021], “receiving the result of the inspection from the selected device”; paragraph [0019], “inspection of the packets may reveal that the packets include data from a prohibited uniform resource locator (URL) and the packet stream is reset/dropped as a part of a triggered policy response”). Manuguri and Watson do not teach …disabling, at the first system, … by the first computing storage device of the first system;… However, Buytenhek does teach …disabling, at the first system (Buytenhek: paragraph [0047], “load balancer 110 receives an instruction to drain traffic from server 121”), … by the first computing storage device of the first system (Buytenhek: paragraph [0047], “Load balancer responsively shifts incoming traffic to server 111 and server 131 so that the load on server 121 can be reduced and/or eliminated”),… It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the load-balancing packet inspection system of Manuguri and Watson (Manuguri: paragraph [0027], “Hosts 305 may be selected based upon the availability data and/or according to one or more load-balancing algorithms”) to incorporate the teaching of Buytenhek to use a draining technique to put a server/host out of service. The motivation for doing so is to allow the server to be put out of service and keep continuity of operations (Buytenhek: paragraph [0024], “while traffic associated with other connections may be routed to the other servers, slowly draining the identified server of all traffic so that it can be taken out of service for maintenance, upgrades, and the like”; paragraph [0020], “allowing servers to be gracefully drained of traffic in the event of a failover scenario”). Regarding claim 8, Manuguri, Watson and Buytenhek teach the method of claim 7, wherein disabling the threat detection of the storage volume (Watson: paragraph [0031], “store captured packets, including header data and payload data, in the primary storage 104”) by the first computing storage device (Manuguri: claim 1, “a first host computer”) of the first system (Buytenhek: paragraph [0047], “load balancer 110 receives an instruction to drain traffic from server 121. This may happen in response to a failover event, a planned outage, or the like. Load balancer responsively shifts incoming traffic to server 111 and server 131 so that the load on server 121 can be reduced and/or eliminated”) is based on one or more of the following: computing capacity of the first computing storage device and the second computing storage device; load balancing (Buytenhek: paragraph [0026], “Load balancer 110 is representative of any physical or virtual computing equipment capable of distributing incoming packet traffic across various servers”) between the first computing storage device (Manuguri: claim 1, “a first host computer”) and the second computing storage device (Manuguri: paragraph [0027], “Hosts 305 may be selected based upon the availability data and/or according to one or more load-balancing algorithms”), and a utilization rate of the first computing storage device and second computing storage device. The motivation to combine references for the claims listed above is the same as the motivation stated in claim 7. Re. claims 16-17, they recite analogous limitations as claims 7-8, respectively, and therefore are rejected for the same reasons. References Cited Naga et al. (USP App Pub 2013/0185229; hereinafter Naga) is cited to show that it is common knowledge and well known in the prior art that cloud storage of data may use storage volumes (Naga: paragraph [0029], “The data blocks of the file system 111 are stored in the storage volumes 121 of cloud storage services 120”). Conclusion Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to ADITYA SRIRAM whose telephone number is (703)756-1715. The examiner can normally be reached M-Sa: 9:00 AM - 5:00 PM MST or PST. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, William Korzuch can be reached at (571) 272-7589. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /A.S./ Examiner, Art Unit 2491 /WILLIAM R KORZUCH/ Supervisory Patent Examiner, Art Unit 2491
Read full office action

Prosecution Timeline

Dec 12, 2024
Application Filed
Mar 18, 2026
Non-Final Rejection mailed — §103
Jun 09, 2026
Response Filed
Jul 02, 2026
Final Rejection mailed — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12682021
DATA COLLECTION APPARATUS AND METHOD FOR MACHINE LEARNING
2y 1m to grant Granted Jul 14, 2026
Patent 12675558
Method and System for Decommissioning Cloud-Connected Printers
3y 4m to grant Granted Jul 07, 2026
Patent 12670286
SYSTEMS AND METHODS FOR DETERMINISTIC ORDERING AND ENFORCING INTRA-BLOCK FAIRNESS IN DISTRIBUTED LEDGER IMPLEMENTATIONS
3y 10m to grant Granted Jun 30, 2026
Patent 12670496
Method to Validate Application Programming Interface (API) leveraging Non fungible Token (NFT)
3y 7m to grant Granted Jun 30, 2026
Patent 12664239
DYNAMIC TRANSITIONING AMONG DEVICE SECURITY STATES BASED ON SERVER AVAILABILITY
3y 8m to grant Granted Jun 23, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

3-4
Expected OA Rounds
71%
Grant Probability
98%
With Interview (+27.1%)
2y 11m (~1y 4m remaining)
Median Time to Grant
Moderate
PTA Risk
Based on 41 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month